The system software of today's single and multiple processor environments usually includes a crude event handling mechanism. The purpose of this mechanism is to provide some degree of control for the potentially large amount of event traffic on the system's communication networks. It is the responsibility of an event handling mechanism to route and/or coordinate the event traffic to best utilize the resources of the system. Existing event handler implementations perform various operations on an event stream. Examples include the deletion, logging, and/or display of certain events, usually on a system console monitored by a system administrator. These event handlers are "hard coded" to handle particular events and particular streams of events. When new events are added to an event stream, major modifications to the event handler must in turn be made to accommodate them. In some cases an entire new event handler is required. A new event handler is almost always required whenever support for a new or different event stream protocol is desired. This situation is further complicated when one considers a system that supports multiple event streams and thus includes multiple event handlers. In this latter system, the addition of a newly supported protocol not only means that a new event handler is required, but it also means that the software that coordinates the event handlers must also be rewritten.
The result of the cost and complexity associated with these modifications is the inability to provide significant function to the end user (e.g., system administrator). For the most part, the example functions cited above (i.e., deletion, logging, and display on a system console) typify current event handler implementations. This limited function in turn results in several problems: entire categories of events must be deleted to accommodate more important categories, some events are never seen because the system console is unattended when an event appears, and logs are so large that it is difficult to detect events of significance. In general, this makes the system administrator task more difficult because that person has only limited control over a large portion of the information necessary to perform their job.